Historian, Former Ambassador, Human Rights Activist

I have been busy surfing for arguments in favour of the government’s proposal for six week detention without charge, so I can counter them, but I haven’t found anything so far that can begin to be described as an argument in favour. Can anybody help me?

I remember then Home Sec Blunkett speaking on Radio 4 when 90 days detention without charge was first proposed. He was speaking in that passionate manner I've come to associate with Nulab persons attempting to disguise their bullshit.

One of his arguments was that modern encryption techniques (he gave triple DES as an example) require supercomputer power to crack, the implication being that it could be done within 90 days.

There were flaws with this argument.

1) Modern ciphers are essentially unbreakable even with a supercomputer – and possibly even with a quantum computer. 90 years will not be enough. Examples of modern ciphers include Rijndael (AES), Twofish, Serpent, Blowfish (and RSA, which is of a different type). Applications using these are freely available (Open Source, also means high confidence of no back doors) and easy to use. DES (and triple DES) date from the 1960s and has been analytically weakened, allowing it to be broken. It has been superseded by Rijndael.

2) The Regulation of Investigatory Powers Act (RIPA) has a provision, just come into force, which allows the police to demand keys to encrypted data or unencrypted copies of the data. Failure to comply is punishable by up to two years in prison. This is a bit longer than 90 days. On the other hand, some (OSS and proprietary) software has a cunning means of avoiding this – hidden encrypted containers within encrypted containers, the existence of which can neither be proven nor disproven.

The best options for getting at encrypted data I expect would include:

a) Getting hold of the keyring, and attempting to find the human-memorable password that encrypts the key. Many people chose crap passwords, but some don't, so this may work quickly or be impractical. Use of GPGPU (general purpose graphics processing units) techniques can hugely accelerate this process.

b) Installing a keylogger (hardware or software) on the suspect's machine without his knowledge, wait for him to open the data, and watch.

c) Methodically examining the suspect's hard drive for any leaked information. For example, in the pagefile. Care and specialist software can foil this.

I'm confident both are already done. German police wanted a software system that could be installed remotely on a target machine over the Internet, which presents all sorts of issues and wouldn't work anyway.

If you know what you are doing, a surreptitiously installed key logger won't help the spooks much either. It is possible to set up an system that, in addition to a robust password to the robust encryption algorithms you describe, also includes a pre-existing ordinary file (graphics audio or whatever) as a key-file. The combination then comprises the full encription key and there is no way of discovering whether or not the key includes a key-file or not – short of Uzbek interrogation methods of course.

Craig

On the substantive issue. This whole extension business is bogus IMO. OK the police say they MIGHT need it (to prosecute the largely phoney 'war on terror'); but to elevate it to the top of the political agenda in this manner when even 28 days has not yet been used, smacks of hidden motives to me. I suspect that, in similar fashion to the proliferation of reserved emergency powers-type legislation in the US, it is another part of the ongoing preparations for the sort of civil unrest we can expect when the implications of peak oil/energy and its confluence with climate change and the planets current unsustainable population size (let alone projected growth) really begin to permeate public consciousness. The 'war on terror' will morph into a war on anyone deemed threatening to the omnipotence of a crumbling State whose religion of perpetual globalised economic growth is revealed – 'wizard of Oz-like – as a sham. That after all is the real motive power behind the 'war on terror' anyway because, according to this state religion: "We need that damned oil and anyone who doesn't co-operate in ensuring that we have continued unfettered access to it is either a 'terrorist' or a 'supporter of terrorism and must therefore expect to be on the receiving end of our – strictly well-meaning, morally upright and humanitarian of course – military enforcement capabilities".